Authority on Demand Control Authority Rights & Emergency Access.

Slides:

Advertisements

Similar presentations

Support.ebsco.com EBSCOadmin Reports & Statistics Tutorial.

Advertisements

Mag-Cell Product Presentation. Introduction Using the latest technology in GPRS communication Mag-Cell is a complete live Guard Monitoring Solution Automated.

IPS of Boston Checks On Demand! ® Welcome! To navigate this presentation, first click in this window, then use the arrow keys on your keyboard. Welcome!

ISecurity User Profile & System Value Replication.

1 Authority on Demand Flexible Access Control Solution.

Sage ERP X3 Workflow.

Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.

El Vis – Visman’s Electronic VISitor management system offers a module for Control of Contractors. The system is offered on a secure, maintained and controlled.

Hacking Capture Save and Playback User Session Screens.

1 Visualizer for Audit Graphical Business Intelligence Display & Analysis Tool.

WELCOME TO SKYWARD EMPLOYEE ACCESS Step 1

1 Visualizer for Firewall Display & Analysis Tool.

Electronic Official Personnel Folder (e-OPF) for Federal Employees 2014.

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

HORIZONT 1 ProcMan ® The Handover Process Manager Product Presentation HORIZONT Software for Datacenters Garmischer Str. 8 D München Tel ++49(0)89.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Welcome to the Turnitin.com Instructor Quickstart Tutorial ! This brief tour will take you through the basic steps teachers and students new to Turnitin.com.

1 Colorado Department of Health Care Policy and FinancingColorado Department of Health Care Policy and Financing The Case Manager’s Guide to Critical Incident.

Welcome to the Turnitin.com Student Quickstart Tutorial! This brief tour will take you through the basic steps students new to Turnitin.com will need.

SYSLOG Real-Time Monitoring of System i Events. What is SYSLOG? Multi server environments are now the reality at most sites; however the number of operators.

1 Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting.

1 System Control & MSGQ. 2 System Control & MSGQ Features Uses QSYSOPR or any application message queue data as input to iSecurity Action module Enables.

1 Password Reset Effortless, Self service User Password Reset.

Audit Next Generation Monitoring, Compliance & Reporting

1 Action Automated Security Breach Reporting and Corrections.

WebReport/400 TCP/IP Configuration Presented by Kisco Information Systems.

For Sage MIP Fund Accounting

1 Visualizer for Firewall Graphical Business Intelligence Display & Analysis Tool.

Creating a Single Sign On Account. To create a Single Sign On ID please visit and select the option to create a new account.

Raz-Lee Security iSecurity for iSeries. 2 Facts about Raz-Lee  Internationally renowned iSeries solutions provider  Founded in 1983  100% focused on.

SMART Agency Tipsheet Staff List This document focuses on setting up and maintaining program staff. Total Pages: 14 Staff Profile Staff Address Staff Assignment.

NetService Cardholder Tutorial GE Corporate Payment Services 4246 South Riverboat Road Salt Lake City, Utah Copyright Information.

New Tools to Increase Sales And to Enhance The User Experience.

NSTS For Regulators. Agenda 1.NSTS Release Summary 2.Functionality/Enhancements 3.Scenarios/Demo 2.

1 Authority on Demand Flexible Access Control Solution.

99ATS Turbocharge your Hiring Process !!. ON TARGET Solution offered by 99ATS Overview Introduction Gaps in Recruitment Process Screenshot overview of.

Firewall End-to-End Network Access Protection for IBM i.

Greta Robertson Kathy Hoffman /11/2011 SCEIS Finance Automated Interfaces.

1 Action Automated Security Breach Reporting and Corrections.

Firewall End-to-End Network Access Protection for IBM i.

Module 15 Monitoring SQL Server 2008 R2 with Alerts and Notifications.

1 Authority on Demand Provide high authority “as-needed” with full Audit Trail.

1 PTF Tracker Automatic Tracking of PTFs and Software Changes.

WebConnect FOR EMPLOYEES Part of SubFinder’s advanced series of Web related products.

PaymentNet: Cardholders Procurement Services Laurie Krauel.

1 Command Control and Monitor CL Commands. 2 Command- The Need CL commands control nearly all IBM functionality Monitoring, controlling and logging CL.

Registration Solutions for your Event Management.

Welcome to the September Release Overview Meeting Please remember to place your phone on mute and do NOT place your phone on hold.

Page 1 of 42 To the ETS – Create Client Account & Maintenance Online Training Course Individual accounts (called a Client Account) are subsets of the Site.

UNCLASSIFIED – For Official Use Only 1 Contract Load Notification “Fly-in” Action ( Continue to Page Down/Click on each page…) Electronic Document Access.

CABLING SYSTEM WARRANTY REGISTRATION. PURPOSE OF CABLING REGISTRATION.

FHA Training Module 1 This document reflects current policy related to this topic. Its content is approved for use in all external and internal FHA-related.

Collecting Copyright Transfers and Disclosures via Editorial Manager™ -- Editorial Office Guide 2015.

1 Visa IntelliLink Spend Management Navigation as a Cardholder Training Deck.

Syslog for SIEM Products Using iSecurity Real-Time Monitoring of IBM i Security Events.

Presented by [Harshit Agrawal] 04/03/2017

ICE Integrated Cloud Environment Cloud Scanning and Mobile Printing

iSecurity Compliance with HIPAA

Project Management: Messages

Welcome! To the ETS – Create Client Account & Maintenance

Employee Self Service Lite Version

IBM Cognos Analytics Administrator V11 C Questions Answers

E-NOTIFY and CAER OnLine Training

Configuring Internet-related services

Security Control.

WELCOME How to Setup Yahoo Account Key Feature in Browser? CONTACT US

iSecurity AP Journal Training

iSecurity Password-Reset Training

Authority on Demand Control Authority Rights & Emergency Access

Presentation transcript:

Authority on Demand Control Authority Rights & Emergency Access

The Challenge System i sites define user’s security levels and allocate security rights corresponding to the different job responsibilities in the organization Emergency access to critical application data and processes is a potentially serious security breach which is often uncovered in System i audits. Manual approaches to this problem are not only error-prone, but do not comply with regulations and auditor’s often stringent security requirements.

Define Emer. Rules “Production” “Salary” “Weekend” Rules Details ADD/SWAP Auth. Rule Description Notification rules SYSLOG MSGQ Rule Conditions Date/Time Time Group IP Address Pin Code Define Potential Providers QSECOFR SECADMIN 1. Definition Stage - an authorized System Administrator defines sets of emergency rules 2. Emergency Stage - Requester asks for “Production” authority Must provide reason Enter Pin Code (optional) Specify Authority Provider Display/Print AOD & Audit (QAUDJRN) logs by time frame, Provider, or Requester 3. Auditing Stage - by Sysadmin or Auditor Authority on Demand: Workflow Get Auth. Release Auth.

AOD Features ADD and SWAP Security Levels (feature unique to AOD) – can ADD additional security rights to current user profile or grant a new security authority level. Authority Transfer On-Demand Rules & Providers - pre-define special authority "providers" and authority transfer rules. Safe Recovery from Emergency – recover from emergency situations with minimum risk of human error and maximum reporting of activities while running with higher special authority. Full Monitoring Capabilities - logs and monitors all relevant activities, and sends audit reports and real-time alerts when higher authority rights are provided. Simple, Controlled Access – Only authorized users can grant authority or access critical data and processes and incorporates easy-to-use reporting and monitoring mechanisms. Part of Comprehensive Solution - solidifies iSecurity's position as the most comprehensive security solution for System i environments.

5 AOD - Manager’s View

Authority on Demand Demo

AOD welcome screen.

AOD main menu. We’ll enter option 1 to define Authority Providers.

Let’s look at how QSECOFR is defined.

Notification and parameters.

Let’s look at option 2, AOD rules.

A rule is defined allowing Eli to request authority at off-hours.

We’ll explain this screen line by line.

In an emergency situation, Eli requests authority via Option 31.

The request was rejected, enter DSPAODLOG...

… because it was not requested during off hours.

Let’s update the definition for WORKHOURS via Option 21.

We enter Option 31 again, and Option 32 shows we’ve now obtained authority.

Let’s see what was written to QCONSOLE.

All AOD activity appears on this MSGQ.

Option 81  21 from the main menu allows us to define SYSLOG attributes.

These are the SYSLOG messages which were written.

Use option 41 to Display the AOD log.

We can filter the log entries by requester or provider.

This is the AOD log; F8 displays the Audit log for the selected entry!

This is the additional message information available for each AOD log message.

This is the QAUDJRN log for one AOD request.

Option 41; when printing the log, we receive the AOD log with “pointers” (i.e. attachments) to the appropriate QAUDJRN log…

This is the printed QAUDJRN log for a single AOD request.

Sample sent when request was rejected.

This is an actual screen “Capture” of the user’s activity with AOD.

This is one of the user screens “captured” (frame 11).

AP Journal within iSecurity

Please visit us at Thank You!